Versions Compared

Old Version 5

changes.mady.by.user Olivier Michaut

Saved on

compared with

New Version Current

changes.mady.by.user Olivier Michaut

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Create a configuration file udmg.conf under this directory (normally /etc/nginx/conf.d). This will create 2 locations: ‘/' for the UDMG Admin UI and '/service' for the internal authentication mechanism.


Note
titleNote

The default upstream port to reach the UDMG Authentication Proxy is set to 5775 in /opt/udmg/etc/udmg/nginx/udmg.conf starting from version 1.5.0.1.

Please review and make sure that the same port (either 5000 or 5775) is also defined in /opt/udmg/etc/udmg/auth-proxy/config.toml .


Panel

upstream udmg_auth_proxy {
# UDMG Auth Proxy Configuration
    server        localhost:5000;
    ip_hash;
    keepalive 10;    
}

server {
    listen        80;

    listen    [::]80;

#    listen        443 ssl;
#    ssl_certificate /etc/udmg/certs/udmg.pem;
#    ssl_certificate_key /etc/udmg/certs/udmg.key;
#    ssl_session_timeout 5m;
#    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
#    ssl_protocols TLSv1.2;
#    ssl_prefer_server_ciphers on;

    server_name   localhost;

    access_log    log    /opt/udmg/var/log/nginx/hostadmin.access.log main;

    location /service/ {
      proxy_pass pass         http://udmg_auth_proxy/;
      proxy_set_header Xheader   X-Real-IP $remoteIP       $remote_addr;
      proxy_set_header Xheader   X-Forwarded-For $proxy_add_x_forwarded_for;

    }

    location / {
        try_files $uri $uri/ /index.html;
        root      /opt/udmg/var/www/udmg;
    }
}


Note
titleNote

Debian/Ubuntu: the main log format is not defined (commented out in /etc/nginx/nginx/conf) when the installation is performed from the Debian package repository. It is necessary to either revert the access_log format to the default by removing the main from the example above or to uncomment it from the nginx.conf file. It is also possible to install the package from the NGINX official repository, which defines the main log format.  

  • Remove any /etc/nginx/conf.d/default.conf file, to disable the NGINX default landing page on port 80.
  • Validate that the configuration is correct with the following command:

...

  • Create a directory under the configuration folder called "enabled"

  • Create a configuration file udmg.conf under this directory, C:\UDMG\nginx\conf\enabled:

    Panel

    upstream udmg_auth_proxy {
     # UDMG Auth Proxy Configuration
        server        localhost:5000;
    }

    server {
        listen        80;

    #    listen        443 ssl;
    #    ssl_certificate /etc/udmg/certs/udmg.pem;
    #    ssl_certificate_key /etc/udmg/certs/udmg.key;
    #    ssl_session_timeout 5m;
    #    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    #    ssl_protocols TLSv1.2;
    #    ssl_prefer_server_ciphers on;


        server_name   localhost;

        access_log    logs//udmg.access.log;

        location /service/ {
          proxy_pass  pass         http://udmg_auth_proxy/;
          proxy_set_header Xheader   X-Real-IP $remoteIP       $remote_addr;
          proxy_set_header Xheader   X-Forwarded-For $proxy_add_x_forwarded_for;
        }


         location / {
            try_files $uri $uri/ /index.html;
            root      udmg;
        }
    }



  • Edit the default the http section of NGINX the By default, the NGINX main configuration file C:\UDMG\nginx\conf\nginx.conf Remove has a section to provide a landing page on port 80

  • Edit the file to remove the standard server section with the default port "listen 80" directive

  • Add an include directive to load the udmg.conf file inside file. For example, the default file is like this
Panel

http {
  include mime.types;
  default_type application/octet-stream;


  # other parameters...


  server {

     listen 80;

     return 404;

  }

}

and must be edit edited to look like this:

Panel

http {
  include mime.types;
  default_type application/octet-stream;


  # other parameters...

  include "C:/UDMG/nginx/conf/enabled/*.conf";

}

...

  • Validate that the configuration is correct with the following command:

...

  • For configuring HTTPS and HTTP redirection, please refer to the web server documentation (Configuring HTTPS servers).
  • The paths in any NGINX configuration file must be specified in UNIX-style, using forward slashes '/'.
  • For running NGINX as a service please refer to the service section in UDMG for Windows Installation.